Linksys routers have the ability to be managed remotely via a Web page or a smartphone app. The flaw involves a one or more scripts used in this process. Once the malware is installed, it tells the router to begin looking for others to infect in the same way. The malware also appears to contain code that may have it looking for a command and control server that would tell it what to do.

A PC World story lists these Linksys models as being potentially vulnerable, based on details posted to Reddit by a user who created a proof-of-concept exploit:

A spokesperson for Belkin – which now owns Linksys – confirmed the exploit to PC World, and said it can be prevented but making sure Remote Management Access is turned off. She said the routers ship with that feature disabled by default.

Linksys has posted information about how to update its routers to the latest firmware and make sure that Remote Management Access is turned off. If you’ve got a Linksys router, you should read it and take action ASAP.